I'm there in spirit, though. The title of the hearing is "TSA Oversight
Part III: Effective Security or Security Theater?"
gets uninvited to a US Congress hearing
ICANN will not be fixed. It cannot be fixed. It is structurally constituted
in a manner that cannot reasonably serve the broad interests of today's
global Internet community and the world community at large.
Year after year we've watched ICANN suddenly shift and sway like the
proverbial bull in the china shop, smashing past promises and
pronouncements in its wake. And now, like an out of control starship that
has lurched beyond a black hole's event horizon, it is being sucked
inexorably toward a dark chaos of greed, a maelstrom of its own creation.
-- Lauren Weinstein
My guess is that they can't. That is, they don't have a cryptanalytic
attack against the AES algorithm that allows them to recover a key from
known or chosen ciphertext with a reasonable time and memory complexity.
I believe that what the "top official" was referring to is attacks that
focus on the implementation and bypass the encryption algorithm:
side-channel attacks, attacks against the key generation systems (either
exploiting bad random number generators or sloppy password creation
habits), attacks that target the endpoints of the communication system and
not the wire, attacks that exploit key leakage, attacks against buggy
implementations of the algorithm, and so on. These attacks are likely to be
much more effective against computer encryption.
speculates on whether the NSA can break AES
to post comments)